BigFix Platform

All the BigFix applications run on top of the BigFix platform.

The BigFix platform is a multi-layered technology platform that acts as the core part of the global IT infrastructure. The platform is a dynamic, content-driven messaging and management system that distributes the work of managing IT infrastructures out to the managed devices themselves, the agents.

The platform can manage up to 250,000 physical and virtual computers, over private or public networks, including servers desktops, roaming laptops, mobile phones, Point-Of-Sale devices, Automated Teller Machines, and self-service kiosks.

The platform supports Microsoft Windows, UNIX, Linux, and Mac OS. For information about the supported versions, see Server requirements.

In terms of features and benefits, BigFix platform delivers:
A single intelligent agent
It operates with less than 10 megabytes of RAM and it must be installed on every computer that must be managed. It continuously assesses the state of the endpoint against the stated policy, whether connected to the network or not. As soon as the agent notices that the target out of compliance with a policy or checklist, it informs the server, runs the configured remediation task, and immediately notifies the server of the task status and result. In most cases, the agent operates silently, without any direct intervention from the user. However, if you want to solicit a user response, the program also allows you to provide screen prompts. A computer with the BigFix agent installed is also referred to as a client.
A single console
Whatever specific solution you use, whether it is endpoint protection, systems lifecycle management or security configuration and vulnerability management, it is managed from a single console. If you are an operator with the required privileges, from the console you can quickly and easily distribute a fix to only those computers that need it, with no impact on the rest of the network. For information about Console requirements, see Console requirements.
A single server
It coordinates the flow of information to and from individual clients and stores the results in the database. It manages policy-based content and allows the operator to maintain real-time visibility and control over all devices in the environment. The content is delivered in messages that are called Fixlet and it is updated continuously using the Content Delivery cloud-based service. Because most of the analysis, processing, and enforcement work is done by the agent rather than the server, one server can support up to 250.000 endpoints. High availability is enabled by employing multiple servers.
Optionally one or more relays
They help manage distributed devices and policy content. A relay is a client, that is enhanced with a relay service. It performs all client actions to protect the host computer, and in addition, delivers content and software downloads to child clients and relays. Instead of requiring every networked computer to directly access the server, relays can be used to offload much of the burden. Hundreds of clients can point to a relay for downloads, which in turn makes only a single request to the server. Relays can connect to other relays as well, further increasing efficiency. Promoting an agent to a relay takes minutes and does not require dedicated hardware or network configuration changes.
Optionally a secondary server
A Disaster Server Architecture (DSA) server, which replicates the server information for disaster recovery. If a BigFix server fails, other BigFix servers automatically take over as fully functional BigFix servers.
Web Reports
Using the Web Reports program you can:
  • Produce charts and graphs of your data, providing you with hardcopy.
  • Help you to maintain an audit trail of all the Fixlet activity in your network.
  • Export data for further manipulation in a spreadsheet or database.
  • Aggregate information from extra BigFix servers that are installed at your organization.
The interface runs in a web browser and provides a set of users with visibility into the state of the computers, but no rights to alter those computers.